cyberark.conjur.conjur_variable – Fetch credentials from CyberArk Conjur.

From Get docs
Ansible/docs/2.10/collections/cyberark/conjur/conjur variable lookup


cyberark.conjur.conjur_variable – Fetch credentials from CyberArk Conjur.

Note

This plugin is part of the cyberark.conjur collection (version 1.1.0).

To install it use: ansible-galaxy collection install cyberark.conjur.

To use it in a playbook, specify: cyberark.conjur.conjur_variable.


New in version 2.5: of cyberark.conjur


Synopsis

  • Retrieves credentials from Conjur using the controlling host’s Conjur identity or environment variables. Environment variables could be CONJUR_ACCOUNT, CONJUR_APPLIANCE_URL, CONJUR_CERT_FILE, CONJUR_AUTHN_LOGIN, CONJUR_AUTHN_API_KEY, CONJUR_AUTHN_TOKEN_FILE Conjur info - https://www.conjur.org/.

Requirements

The below requirements are needed on the local controller node that executes this lookup.

Parameters

Parameter Choices/Defaults Configuration Comments

_terms

string / required

Variable path

as_file

boolean

  • no

  • yes

Store lookup result in a temporary file and returns the file path. Thus allowing it to be consumed as an ansible file parameter (eg ansible_ssh_private_key_file).

authn_token_file

path

Default:

"/var/run/conjur/access-token"

ini entries: [conjur,]authn_token_file = /var/run/conjur/access-token


env:CONJUR_AUTHN_TOKEN_FILE

Path to the access token file.

config_file

path

Default:

"/etc/conjur.conf"

ini entries: [conjur,]config_file_path = /etc/conjur.conf


env:CONJUR_CONFIG_FILE

Path to the Conjur configuration file. The configuration file is a YAML file.

identity_file

path

Default:

"/etc/conjur.identity"

ini entries: [conjur,]identity_file_path = /etc/conjur.identity


env:CONJUR_IDENTITY_FILE

Path to the Conjur identity file. The identity file follows the netrc file format convention.

validate_certs

boolean

  • no

  • yes

Flag to control SSL certificate validation



Examples

---
  - hosts: localhost
    collections:
      - cyberark.conjur
    tasks:
      - name: Lookup variable in Conjur
        debug:
          msg: "{{ lookup('cyberark.conjur.conjur_variable', '/path/to/secret') }}"

Return Values

Common return values are documented here, the following are the fields unique to this lookup:

Key Returned Description

_raw

string

success

Value stored in Conjur.





Authors

  • CyberArk BizDev (@cyberark-bizdev)
  • CyberArk Community and Integrations Team (@cyberark/community-and-integrations-team)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/cyberark/conjur/conjur_variable_lookup.html


Retrieved from "https://getdocs.org/index.php?title=Ansible/docs/2.10/collections/cyberark/conjur/conjur_variable_lookup&oldid=58244"
Powered by MediaWiki